summary refs log tree commit diff
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2019-03-04 13:32:36 +0100
committerLudovic Courtès <ludo@gnu.org>2019-03-04 15:22:58 +0100
commit8bb76f3d44c1f5ffec8011819494db306a51d801 (patch)
tree81764af0bacb859bbbc8d84e58835a7a306116ca
parentba926e35341c355fbfaf51d074269982a1e1ad8d (diff)
downloadguix-8bb76f3d44c1f5ffec8011819494db306a51d801.tar.gz
activation: Make home directories #o700 by default.
Until now they'd be #o755, except for /root, which is treated specially
in (gnu build install).

* gnu/build/activation.scm (activate-user-home): Chmod HOME to #o700.
Remove redundant 'unless system?'.
-rw-r--r--gnu/build/activation.scm6
1 files changed, 3 insertions, 3 deletions
diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm
index 0e77677de1..d516f5bdc9 100644
--- a/gnu/build/activation.scm
+++ b/gnu/build/activation.scm
@@ -298,9 +298,9 @@ they already exist."
                 (gid (passwd:gid pw)))
            (mkdir-p home)
            (chown home uid gid)
-           (unless system?
-             (copy-account-skeletons home
-                                     #:uid uid #:gid gid)))))))
+           (chmod home #o700)
+           (copy-account-skeletons home
+                                   #:uid uid #:gid gid))))))
 
   (for-each ensure-user-home users))